Active Directory Domain Services (AD DS) was introduced with the release of Windows 2000 Server and has been included in each subsequent release of the server operating system from Microsoft. The majority of companies have at least one AD DS forest deployed. However, some companies continue to deploy new AD DS forests for various reasons.

Install a New Windows Server 2008 Forest

Scenario/Problem: In some cases, you will deploy a new Windows Server 2008 Active Directory Domain Service forest instead of adding domain controllers (DCs) to an existing forest. Although the installation of a new Windows Server 2008 AD DS forest does not require any of the preparation steps that were performed in Chapter 2, “Prepare for Active Directory Domain Services Installation,” you still need to perform the installation following specific steps.

Solution: Installing a new Windows Server 2008 forest consists of promoting a Windows Server 2008 server to a domain controller. Thereafter, additional DCs and domains can be added to the new forest. The installation of a new Windows Server 2008 forest can be performed by using the Windows interface, the command line, and an answer file.

Install a New Forest by Using the Windows Interface

To install a new forest by using the Windows interface, perform the following steps using a local account that has membership in the following local group:

On the Installation Results page, shown in Figure shown in Figure 3.2, verify that the installation succeeded and then click Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe).

It is a best practice to assign a static IP address as opposed to a dynamic IP address on a domain controller. If you have not assigned a static IP address, now is the best time to do so. If you proceed with the steps that follow without assigning a static IP address, you will be presented with a warning during the AD DS installation process. You can accept the warning and proceed with the installation if desired.

Active Directory Domain Services functional levels control the available domain or forest advanced features. For example, a number of the new features introduced in Windows Server 2008 require a domain functional level of Windows Server 2008. Functional levels also control the operating systems that you can run on domain controllers. If your domain functional level is set to Windows Server 2008, you cannot have domain controllers that have Windows Server 2003 installed. Lastly, once you set or raise a functional level, you cannot change the functional level to a lower level.

If you set a forest functional level other than Windows Server 2008, the Set Domain Functional Level page displays, as shown in Figure 3.6. Select the domain functional level that meets your requirements and click Next.

On the Additional Domain Controller Options page, shown in Figure 3.7, DNS Server is selected by default, which allows the DNS infrastructure to be created by the installation process. If you plan to use AD-Integrated DNS, click Next. If you plan to use an existing DNS infrastructure and do not want the domain controller to be a DNS server, clear the DNS Server check box and click Next.

On the Location for Database, Log Files, and SYSVOL page, shown in Figure 3.9, type the volume and folder locations for the database file, the directory service log files, and the SYSVOL files; then click Next.

After the installation is complete, the Completing the Active Directory Domain Services Installation Wizard page appears, as shown in Figure 3.13. Ensure the installation was successful and click Finish.

Install a New Forest by Using the Command Line

Active Directory Domain Services can also be installed by using the command line. This is particularly useful when installing AD DS on a server that has a Server Core installation of Windows Server 2008.

The installation options when using the command line are the same as those used when installing AD DS using an unattended installation. When installing AD DS by using the command line, you type the installation options and parameters into the command line as opposed to an answer file, which is used for an unattended installation.

Table 3.1 lists the installation parameters used in the steps that follow and the corresponding action of each parameter.

Table 3.1. Installing a New Forest by Using the Command Line Installation Parameters

When the installation process is complete, the server reboots automatically if the /rebootOnCompletion option was used in the command line. If the /rebootOnCompletion option was not used in the command line, you are prompted to restart the server.

The dcpromo process begins by determining whether the AD DS binaries are installed. If the binaries are not installed, dcpromo installs them.

After the AD DS binaries have been installed, a summary of the installation options is presented in the command prompt window; then the AD DS installation process begins. The status of the AD DS installing is updated in the command prompt window.

When the installation process is complete, the server reboots automatically if the /rebootOnCompletion option was used in the answer file. If the /rebootOnCompletion was not used in the answer file, you are prompted to restart the server.